EP11: On-Prem Exchange Server Throttling

Written by Hornetsecurity / 28.06.2023 /

You are currently viewing a placeholder content from Youtube. To access the actual content, click the button below. Please note that doing so will share data with third-party providers.

More Information

You are currently viewing a placeholder content from Libsyn. To access the actual content, click the button below. Please note that doing so will share data with third-party providers.

More Information

Microsoft’s recent decision to throttle traffic from old and outdated versions of On-Premises Exchange has sent shockwaves through the tech community. In today’s episode, Andy and Paul Schnackenburg delve into the details of Microsoft’s plans to protect Exchange Online against persistently vulnerable on-premises Exchange Servers by throttling and blocking emails from these unsupported servers. 

Tune in to understand the reasoning behind Microsoft’s strategy with this change, how organizations can keep themselves protected through process, and where third-party vendors can plug in and provide value. 

Timestamps:

4:00 – Microsoft’s plan details and communication 

10:50 – Paul and Andy’s thoughts on why Microsoft is making this change 

18:40 – Is it “Ethical” for Microsoft to block on-prem Exchange traffic? 

26:31 – What should affected organizations do? 

Episode Resources:

Microsoft’s Announcement

SMB1 Changes at Microsoft

Hornetsecurity’s 365 Total Protection

Find Andy on LinkedInTwitter or Mastadon

Find Paul on LinkedIn or Twitter

Microsoft Exchange Online encompasses a range of limits, each falling into specific categories to govern various aspects of its functionality:

Address book limits

  • It was about the size and scope of address books maintained within Exchange Online.

Capacity alerts

  • Monitoring and notifying administrators when predetermined capacity thresholds are reached or exceeded.

Distribution group limits

  • Constraints on the number of recipients, membership, or other attributes related to distribution groups.

Exchange ActiveSync limits

  • Limitations on Exchange ActiveSync connections and associated features.

Hold limits

  • Specifications regarding data preservation hold include duration or number of delays allowed.

Journal, transport, and inbox rule limits

  • Parameters governing journaling, transport rules, and inbox rules.

Mailbox folder limits

  • Restrictions on the number, size, or depth of folders within user mailboxes.

Mailbox storage limits

  • Limits on the total storage capacity allocated to individual mailboxes.

Message limits

  • Controls on message size, attachments, or other characteristics.

Moderation limits

  • Guidelines for message moderation, including approval processes or restrictions.

Receiving and sending limits

  • Boundaries on the volume or size of incoming and outgoing messages.

Reporting and message trace limits

  • Limitations on reporting capabilities and message trace functionalities.

Retention limits

  • Parameters governing data retention policies and associated timeframes.

With an awareness that Microsoft has limited visibility into the exact number of on-premises servers, many of which are running obsolete and vulnerable versions of Exchange Server, the need for effective reactive measures to prevent the overuse of resources, which can potentially impact service reliability and functionality, is imminent.

The 365 Total Protection service provides advanced threat detection, email filtering, and real-time monitoring to protect against malicious attacks and ensure a secure Exchange environment. Throttling plays a vital role in maintaining system stability by restricting individual users’ or applications’ consumption of server resources.

You might also be interested in: